CVE-2015-1646

Currently unrated

Key Information:

Vendor: Microsoft
Status: Xml Core Services
Vendor: CVE Published:; 14 April 2015

Summary

Microsoft XML Core Services (aka MSXML) 3.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted DTD, aka "MSXML3 Same Origin Policy SFB Vulnerability."

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.securitytracker.com/id/1032114

vdb-entryx_refsource_SECTRACK

EPSS Score

66% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 14, 2015
Vulnerability Reserved
Feb 17, 2015

Collectors

NVD DatabaseMitre Database